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DETAILED ACTION 



1. 



Applicant's arguments filed 2/10/2009 have been fully considered. 



2. 



Claims 1-13 are pending and have been examined. 



Response to Amendment 



3. Regarding Applicant's arguments, Examiner respectfully points to the teachings 
of Vallee. Therefore, Vallee teaches the features as follows: 

creating a trusted source application to generate and publish encrypted values of 
a secret and product of first and second large prime numbers (par.96-97, processing 
done by entity to be authenticated); 

reading the encrypted values for the secret and product, by the prover and 
verifier from the trusted source (par.98, processing done by entity B); 

decrypting the secret, by the prover and verifier; decrypting the product, by the 
prover and verifier (par. ICQ, B verifies response from A); and 

performing a plurality of verification dialog between the prover and verifier, 
wherein the prover demonstrates knowledge of the secret and product without exposing 
the values of the secret and product, and wherein the client is denied access to a 
secure area of the host when the prover fails to demonstrate knowledge of the secret 
and product and granted access to the secure area when the client succeeds in 
demonstrating knowledge of the secret and product (par.90-108, repeating this a 
number t times, to authenticate the prover). 
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4. Regarding tlie argument tliat tine art does not teacli "granting access to an area", 
the area properly maps to providing or denying services, the services being "secure 
area", since the services can be information stored for access, thus secure area. 

5. Regarding claim 6, Vallee teaches delaying authentication, the values are stored 
and authenticated later (par.104-108). 

6. Regarding the argument against Bartram, Examiner respectfully points out that 
authentication between peers was conventional and well known, zero-knowledge 
protocols for authentication were conventional and well known, and someone of 
ordinary skill in the art would have been able to use one protocol over the other in the 
system of Bartram with reasonable expectation of success. Bartram provides the 
architecture to implement authentication between peers, the protocol or algorithm used, 
is irrelevant. It would have been obvious to someone of ordinary skill in the art to 
replace Bartram's authentication scheme with other schemes. 

7. Regarding the argument that Bartram does not provide an authentication agent 
and a prover agent. Examiner respectfully submits that these features are at the heart of 
Bartram's invention, peers, as it is conventional and well known, act as client (prover) 
and server (authentication), i.e. Bartram teaches that a peer may authenticate other 
peers, or may authenticate itself to other peers. 

8. The cited portion of the specification that support the statement of "admission" 
are found in the background "zero-knowledge identification protocol" (par.3) and "allows 
prover to have a set, greater than two, of possible answers, as is provided by Fiat- 
Shamir protocol" (par.10, it admits that Fiat-Shamir exists and was used as 
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authentication). Tlius, tlie invention is simply implementing Fiat-Shamir on a peer-to- 
peer environment, as such, Bartram teaches the architecture, and the admission, and 
state of the art at the time the invention was made, teach to use a zero-knowledge 
protocol. 

9. Assuming arguendo Bartram does not teach what it teaches and the admission is 
not an admission, Bartram at the very least teaches the architecture, and Vallee 
teaches using zero-knowledge, therefore, it would have been obvious to someone of 
ordinary skill in the art to combine the two, to use zero-knowledge protocols on a peer- 
to-peer environment. 

Claim Rejections - 35 USC § 101 

10. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

1 1 . Claims 5-7 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

12. Claim(s) 5-7 is/are rejected under 35 U.S.C. 101 as not falling within one of the 
four statutory categories of invention. While the claims recite a series of steps or acts to 
be performed, a statutory "process" under 35 U.S.C. 101 must (1) be tied to particular 
machine, or (2) transform underlying subject matter (such as an article or material) to a 
different state or thing. See page 10 of In Re Bilski 88 USPQ2d 1385. The instant 
claims are neither positively tied to a particular machine that accomplishes the claimed 
method steps nor transform underlying subject matter, and therefore do not qualify as a 
statutory process. The method including steps of ... is broad enough that the claim 
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could be completely performed mentally, verbally or without a machine nor is any 
transformation apparent. 

Claim Rejections - 35 USC § 102 

1 3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the Invention was described In (1 ) an application for patent, published under section 1 22(b), by 
another filed In the United States before the Invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed In the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

14. Claims 5-6 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Vallee et al. (US 2004/0177252, hereinafter Vallee). 

Regarding claim 5, Vallee teaches 

a method of protecting a host from unauthorized client access over a network, 
comprising the steps of (abstract, authentication): 

installing a prover agent application on the client (par.7-12, entity to be 
authenticated); 

installing a verifier agent application on the host (par.7-12, authenticator); 

creating a trusted source application to generate and publish encrypted values of 
a secret and product of first and second large prime numbers; reading the encrypted 
values for the secret and product, by the prover and verifier from the trusted source; 
decrypting the secret, by the prover and verifier; decrypting the product, by the prover 
and verifier; and performing a plurality of verification dialog between the prover and 
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verifier, wlierein the prover demonstrates knowledge of the secret and product without 
exposing the values of the secret and product, and wherein the client is denied access 
to a secure area of the host when the prover fails to demonstrate knowledge of the 
secret and product and granted access to the secure area when the client succeeds in 
demonstrating knowledge of the secret and product (par.90-108, Fiat-Shamir protocol). 

Regarding claim 6, Vallee teaches wherein the steps of decrypting the secret 
and product further utilize previous values of the secret and product as operators in the 
modulus inverse operations (par.90-108, Fiat-Shamir protocol). 

Claim Rejections - 35 USC § 103 

1 5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

16. Claims 1, 3, 8, and 13 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Bartram et al. (US 2004/0054885, hereinafter Bartram), and 
further in view of Admission (specification, pages 1-3, USE of zero knowledge 
protocols). 

Regarding claims 1, 8, and 13, Bartram teaches 

a method of non-centralized authentication for a computer network, comprising 
steps of (abstract, peer-to-peer): 

establishing a first computer having a first authentication agent and a first prover 
agent on the computer network (par.26-29, authentication software); 
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detecting a first autlientication request over tine computer network from a second 
computer having a second prover agent (par.26-29, authenticate another unit); 

authenticating the second prover agent through a identification protocol (par.26- 
29, authenticate another unit); and 

promoting the second computer with a second authentication agent to perform 
authentication for the computer networl< (par.31-32, second unit authenticates third unit 
for first unit). 

Bartram does not expressly disclose that the authentication/ identification 
protocol is a zero-knowledge protocol. 

However, Applicant admits that the use of zero knowledge protocols was 
conventional and well known at the time the invention was made. Therefore, it would 
have been obvious to one having ordinary skill in the art at the time the invention was 
made to use zero knowledge authentication protocols with the invention of Bartram 
since it would extend authentication capabilities to other devices and other protocols. 

Regarding claim 3, the combination of Bartram and Admission teaches 
detecting a second authentication request over the computer network from a third 
computer having a third prover agent (par.26-29); authenticating the third prover agent 
through a zero-knowledge identification protocol with the second authentication agent 
(par.31-32); and promoting the third computer with a third authentication agent to 
perform authentication for the computer network (par.31-32). 
17. Claims 2, 4, and 9-12 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Bartram and Admission, and further in view of Vallee. 
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Regarding claims 2 and 9, the combination of Bartram and Admission does not 
expressly disclose, however, Vallee teaches periodically generating and distributing a 
new secret to the first and second authentication agents (par.90-108, Fiat-Shamir 
protocol). Therefore, it would have been obvious to one having ordinary skill in the art at 
the time the invention was made to publish new secrets as taught by Fiat-Shamir with 
the invention of Bartram. One of ordinary skill in the art would have been motivated to 
perform such a modification to renew the secret information. 

Regarding claim 4, the combination of Bartram and Admission does not 
expressly disclose, however, Vallee teaches periodically publishing encrypted numbers 
for the zero-knowledge identification protocol, including the steps of: 

generating first and second large prime numbers; calculating a product of the first 
and second large prime numbers; generating a secret to have a value relatively prime to 
the product, greater than zero and less than the product; encrypting the product; 
encrypting the secret; and publishing encrypted values of the secret and product 
(par.90-108, Fiat-Shamir protocol). Therefore, it would have been obvious to one having 
ordinary skill in the art at the time the invention was made to publish new secrets as 
taught by Fiat-Shamir with the invention of Bartram. One of ordinary skill in the art would 
have been motivated to perform such a modification to renew the secret information. 

Regarding claim 10, the combination of Bartram and Admission teaches the 
requesting computer comprising a cell phone (par.2-3). 
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Regarding claim 11, the combination of Bartram and Admission teaches the 
computer network comprising one or more of the Internet, a local area network, a 
communications link, and a wireless network (par.2-3). 

Regarding claim 12, the combination of Bartram and Admission teaches the 
authentication agents and prover agents being installed on each of the computers 
through common software (par.25-34). 

Allowable Subject Matter 

18. Claim 7 is objected to as being dependent upon a rejected base claim, but would 
be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

Conclusion 

1 9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David Garcia Cervetti whose telephone number is 
(571)272-5861 . The examiner can normally be reached on Monday-Tuesday and 
Thursday-Friday. 

20. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571)272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

21 . Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/David Garcia Cervetti/ 
Primary Examiner, Art Unit 2436 



